CVE-2016-9933 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Denial of service
Description	Stack consumption vulnerability has been discovered in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-58	php	7.0.12-2	7.0.13-1	High	Fixed

Date	Advisory	Group	Package	Severity	Type
18 Nov 2016	ASA-201611-19	AVG-58	php	High	multiple issues

References
https://bugs.php.net/bug.php?id=72696 https://github.com/php/php-src/commit/863d37ea66d5c960db08d6f4a2cbd2518f0f80d1 http://www.openwall.com/lists/oss-security/2016/12/12/2